Data Protection Officer : Does your company need a DPO for GDPR?

GDPR: Do you really need a Data Protection Officer?

As companies work to meet the 25th May 2018 deadline for GDPR compliance, they are finding that there is a market shortage of individuals trained to handle the DPO’s responsibilities. Outsourcing the DPO function will help your organisation address the compliance demands of the GDPR while staying focused on your core business activities.

What is Northdoor “DPO as a Service” (GDPR)

With this annual subscription service, you will be assigned a DPO who will serve as an independent data protection expert to your organisation as set out under the GDPR.

Northdoor can provide the following services:

Outlining a GDPR compliance programme based on findings from the GDPR Rapid Response program report (a prerequisite for the DPO service is a GDPR Rapid Response program).
Advising on data protection and information security matters pertaining to the GDPR.
Reviewing and advising on privacy policies, procedures and documentation.
Monitoring the collation of records of personal data processing operations.
Informing the training of staff involved in data processing operations.
Advising on data protection impact assessment (DPIA), their implementation and their outcomes.
Serving as the contact point for data protection authorities for all data protection issues.
Data breach management and reporting.
Serving as the contact point for data subjects on privacy matters, including subject access requests.

How to tell if you need a Data Protection Officer

GDPR sets out just three cases in which you must appoint a DPO; does your business fall into these categories?

1. Your organisation is a public authority or body
In the UK, all government departments, agencies and other public bodies must appoint a DPO. This includes local councils: 15% of which have yet to appoint a DPO (ICO, March 2017).

2. Your core business activity is monitoring individuals regularly and systematically on a large scale
Surprisingly, this can include paying employees, providing standard IT support, email remarketing and location tracking through apps.

3. Your core business activity consists of processing large-scale special categories of personal data or data relating to criminal offences
GDPR defines ‘special categories of personal data’ as ethnic origin, political opinions, religious beliefs, physical and mental health (among others). If you process this type of data on a large scale, including data relating to criminal offences, you must appoint a DPO.

Contact us today to find out how we can help you with your GDPR challenges

Contact us to find out how more about our DPO service

Full name*
Business Email Address*
Phone*
Company*
- Please check the box above to provide consent to receive more GDPR or Security information from Northdoor
Due to the new GDPR legislation (coming into effect 25th May 2018) you need to opt-in to our communications before we can email you content you’ve signed up for. Yes, we know it isn’t past the date yet, but we’re just getting a head start before it comes into force. Otherwise, if you’re not opted-in then you’ll stop receiving the great content we provide. You can opt-out at any time. We will only use your information within Northdoor and will not pass this to any other 3rd party marketing companies.

View our privacy policy here.
Comments
This field is for validation purposes and should be left unchanged.

GDPR DPO Managed Services

GDPR: Do you really need a Data Protection Officer?

What is Northdoor “DPO as a Service” (GDPR)

How to tell if you need a Data Protection Officer

Contact us today to find out how we can help you with your GDPR challenges